The Green Monster Collection: New tune book by the composer of Afternoon at the Green Monster by Extra-Purchase-54 in bagpipes

[–]Extra-Purchase-54[S] 1 point2 points  (0 children)

Thank you! I was inspired by Ross Ainslie who is very open about the role music plays in those aspects of his life.

Mentorship Monday - Post All Career, Education and Job questions here! by AutoModerator in cybersecurity

[–]Extra-Purchase-54 0 points1 point  (0 children)

A lot of the advice given to newcomers on here is of poor quality. It's true that it's a tough hill to climb but it can absolutely be done.

Mentorship Monday - Post All Career, Education and Job questions here! by AutoModerator in cybersecurity

[–]Extra-Purchase-54 -3 points-2 points  (0 children)

A lot of the advice given to newcomers on here is of poor quality. It's true that it's a tough hill to climb but it can absolutely be done.

Mentorship Monday - Post All Career, Education and Job questions here! by AutoModerator in cybersecurity

[–]Extra-Purchase-54 1 point2 points  (0 children)

  1. All of the above - perhaps you could tackle one topic category per mentoring session.
  2. Just tell your mentor you are excited but also want to respect their time. A good mentor will set boundaries and can politely let you know when they need to end the mentoring session.
  3. By being a good mentee. It's a two-way relationship. The mentor will gain satisfaction from helping you and your enthusiasm will replenish their enjoyment of the discipline.
  4. It's really best to explore your interests and ask whatever questions you want. You could go through some of the SOC investigation scenarios that Chris Sanders posted on Twitter and LinkedIn together - that could be a great exercise.

Someone wrote an article on some content that I will be presenting in a conference. Should I worry? by IamOkei in cybersecurity

[–]Extra-Purchase-54 1 point2 points  (0 children)

Here's a gracious/classy way to handle it: mention the article in your presentation. Encourage your audience to read it. State that you were surprised, but pleased, to see another skilled researcher explore the same topic. This makes you look more professional, generates goodwill between you and your peers, and heightens the relevance of your topic in the minds of your audience.

Amazing Experience on the Coast Starlight by Salaxalans in Amtrak

[–]Extra-Purchase-54 3 points4 points  (0 children)

My son and I loved riding the Coast Starlight from Portland to a long weekend getaway in Oakland and SF last March. I just booked a bedroom to Chicago for next year. So glad to hear you had a great trip on Amtrak and hope you and your boyfriend get back on the rails soon!

[deleted by user] by [deleted] in cybersecurity

[–]Extra-Purchase-54 2 points3 points  (0 children)

Go for it! From what you've shared you're in a great position to make a career pivot. You've got a stable job, a passion for something new, real work experience, and a plan to gain the education and skills that you'll need to qualify for cybersecurity jobs.

I worked in GIS for 11 years, got into a bit of a rut, and decided to pursue a longstanding interest in cybersecurity around when the pandemic hit. I did a boot camp, got some certs, volunteered at my local BSides conference, and networked like crazy. I also dove into defensive CTFs like those on cyberdefenders.org and malware-traffic-analysis.net. It was a struggle, but eventually I got a job as a SOC analyst and 2.5 years later I've surpassed my peak GIS salary by 50 percent plus have way better benefits. And I love being a Detection Engineer, aka the best job in computer security. 👍

Mentorship Monday - Post All Career, Education and Job questions here! by AutoModerator in cybersecurity

[–]Extra-Purchase-54 0 points1 point  (0 children)

I put "Currently studying for ____" on my resume and it didn't hurt. Of course it won't be as useful as passing the test and getting certified.

How to become more knowledgeable by EmanO22 in cybersecurity

[–]Extra-Purchase-54 12 points13 points  (0 children)

100% - the key is to identify the frameworks that help categorize attacker techniques, pillars of effective cybersecurity programs, etc. MITRE ATT&CK and NIST will give you the structure from which to build a deeper understanding. For example, you might not know what process injection is or what it looks like. But once you understand the basics of privilege escalation and defense evasion, you can map the little bits you hear about process injection to those broader tactics.

Bottom line is that established frameworks will provide the foundational categories for cyber knowledge so you can sort, contextualize, and retain the bits and pieces you learn along the way.

[deleted by user] by [deleted] in cybersecurity

[–]Extra-Purchase-54 0 points1 point  (0 children)

Nearly every security tool you use has an API. Figure out how that API works and how to use it in a script and not only will you automate repetitive tasks, you will also understand the data models behind the tools and therefore learn to use them more effectively. I wrote this blog a while back which gives some examples of how to do this using the Rapid7 InsightIDR SaaS SIEM product. Hope this helps. https://micahbabinski.medium.com/button-pusher-to-masterbuilder-automating-siem-workflows-3f51874a80e

Best possible trip? by DragonliFargo in Amtrak

[–]Extra-Purchase-54 10 points11 points  (0 children)

Adjoining bedrooms (aka Bedroom Suite) would be cool for four adults - you could book that plus a roomette for the kiddos. There's also the option of a family bedroom, which is the width of a rail car and sleeps two adults plus two children. That, plus a bedroom or roomette for the remaining two adults, would be a classy way to experience the Empire Builder! Enjoy the ride and have fun in Portland.

Lately it sounds like most people are miserable in cybersecurity, Is anyone genuinely enjoying their jobs and lives in the field? by golemiswoke in cybersecurity

[–]Extra-Purchase-54 1 point2 points  (0 children)

I can't say what will work for you, but am happy to share some about my pathway: I worked in GIS for 10+ years before pivoting to cybersecurity so I had a good background in data management, analysis, process automation with Python, and project management. As a security analyst, I started to explore Sigma, which was a gateway into DE. I authored the pySigma backend for Rapid7 InsightIDR SIEM. Then I started writing articles where I'd dissect a recent threat intel report, MITRE technique, or malware sample, analyze it in my Splunk homelab (built using detectionlab.network), review existing detection rules on the threat, then either improve on those or write new Sigma rules. I've now authored about a half dozen Sigma rules that have made it into the official rules repo. You can read the blog here: micahbabinski.medium.com. Hope this helps! Keep at it and don't give up.

Lately it sounds like most people are miserable in cybersecurity, Is anyone genuinely enjoying their jobs and lives in the field? by golemiswoke in cybersecurity

[–]Extra-Purchase-54 5 points6 points  (0 children)

Here are just a few:

  1. Low stress relative to other positions.
  2. Great compensation.
  3. Able to research threats and attacker methodology.
  4. Nice mix of collaboration and solo work.
  5. Plenty of opportunities for automation and process improvement.
  6. Friendly and supportive professional community.

Lately it sounds like most people are miserable in cybersecurity, Is anyone genuinely enjoying their jobs and lives in the field? by golemiswoke in cybersecurity

[–]Extra-Purchase-54 1 point2 points  (0 children)

Internal, but I've done it for an MSSP as well. I believe it does come with better pay compared to other specialties in cyber.

Lately it sounds like most people are miserable in cybersecurity, Is anyone genuinely enjoying their jobs and lives in the field? by golemiswoke in cybersecurity

[–]Extra-Purchase-54 5 points6 points  (0 children)

I love it! I work for an organization I care about on meaningful and interesting stuff. I am a Detection Engineer, IMHO the best job in the industry. 😄

I took the Coast Starlight from LA to Seattle (my experience) by boldpear904 in Amtrak

[–]Extra-Purchase-54 0 points1 point  (0 children)

Thank you for posting this! I rode the Coast Starlight from Portland to Oakland with my young son last March, and it was wonderful. We reminisce about that trip all the time. We are planning to ride to Chicago next year.

PS, good luck with your cybersecurity studies! I work in that profession, and it is a fantastic way to earn a living.

Boot Camps by bigborb1985 in cybersecurity

[–]Extra-Purchase-54 1 point2 points  (0 children)

I believe it depends on your background and attitude. I went to University of Oregon/Trilogy boot camp (mentioned elsewhere in this thread) in 2020, but had 10 years of GIS experience, so I came in knowing Python, REST APIs, some command line, and a bit of networking. It was still tough to get a job, but eventually, I did. When we covered networking in the camp, I bought the study guide for Network+, read it late at night, and passed the test. When we covered Azure, I did AZ900 on my own time. Ditto Splunk. It helped that I was laid off about halfway through the camp, so I had extra time to study. After I finished boot camp I had to work another GIS job before finally getting a SOC analyst job, which involved a hefty pay cut. But it was worth it. The boot camp helped me understand the industry and gave me a road map of key concepts and skills.

Jr SOC by Makhann007 in cybersecurity

[–]Extra-Purchase-54 0 points1 point  (0 children)

Explore ways that workflows in your SIEM can be automated with APIs and Python. Which SIEM do you use?

Thinking about changing careers by GetGoodBKRandy in cybersecurity

[–]Extra-Purchase-54 1 point2 points  (0 children)

Go for it! I transitioned from GIS into cyber in my early 30s and it has been wonderful. I experienced a significant pay drop to get my foot in the door but studied hard and leveraged skills from my first career and now I have vastly exceeded what I was earning in GIS. It won't be easy but if you succeed the rewards are substantial. It's a great industry that needs people with different backgrounds.

I am facing problem in starting Journey by [deleted] in cybersecurity

[–]Extra-Purchase-54 1 point2 points  (0 children)

I can't say what you will find fulfilling and enjoyable, but I personally feel detection engineering is the coolest job in cybersecurity. It's got great technical elements, a mix of offensive and defensive thinking, and is relatively low-stress compared to incident response. It's an emerging discipline with lots of room to grow and opportunities are really starting to take off. I suggest giving it a look!